This archive details security vulnerabilities discovered as a result of Security Explorations digital satellite TV research project. Included are two talks given at Hack In The Box on May 24, 2012 and three cumulative vulnerability reports.

sshscan is a horizontal SSH scanner that scans large swaths of IPv4 space for a single SSH username and password. It uses iplist.txt as the input list of IP addresses, in the form X.X.X.X, X.X.X.X/XX, X.X.X.X-X.X.X.X, or X.X.X.X-X with an X-X range in any octet.

Code:
Reading package lists... Done
Building dependency tree
Reading state information... Done
Package jigsaw is not available, but is referred to by another package.
This may mean that the package is missing, has been obsoleted, or
is only available from another source

I don't know where to say this but you guys are awesome. bt5r3 is just what I need. I'm a network admin and I have to run Windows at work, but it now runs under a vm on Ubuntu. I will be moving to bt5 as soon as I can (stability of my workstation is paramount so changes are always concerning). bt5r3 is already on my home machine and my work laptop.

Anyway, just wanted to say thanks for a great OS and for not forcing Gnome3 and Unity on us. Please don't follow that Ubuntu path.

[Danilo Larizza] is sharing a network connection between a couple of apartments. They are not far apart, but they are also not right next to each other so a set of external antennas is necessary. He built this 2.4 GHz biquad antenna on the cheap (translated) just to test if it improved the signal before he [...]

So the Raspberry Pi sometimes doesn’t have the juice needed to run power-hungry USB dongles. The most common issue is with WiFi adapters. The solution has long been to use a powered USB hub, but [Mike Worth] didn’t want to take up that much extra space. The solution he worked out injects power directly into [...]

Hello all, I'm "new" at the forum because I usually don't ask, I read and search. Anyway, I'm still learning a lot about tools and how/when to use them - there are a LOT of them!
Some questions keep going on my mind and I haven't found a post that discusses exactly what I'm looking for and, maybe, it will help others with the same questions:

About Aircrack on WPA:
I have read a lot of ways of cracking wireless and I found two ways for WPA/WPA2: brute force and evil twin.
1-Is there any other effective way of cracking WPA?
2-How effective is brute forcing with a dictionary attack? I know there are programs to reduce and "fit" your wordlist to a specific model, but I think it is still so inefficient. For example, my wireless has an 8-number password length and I tried brute forcing it. Reducing my dictionary to only 8-digit numbers would take, on average, 6 days to crack my password. Is this the idea? To let the computer run for days until it finds the correct match? I know I could batch the wordlist, etc., but it still ends at the leave-the-computer idea.

About MetaSploit:
1-In all the videos I've seen, they can only exploit the computer when it has the AV down. So, I thought, in reality, how effective is this exploit?
2-Is bypassing an A.V. and a firewall the hardest difficulty when hacking into computers?
3-A lot of videos use some kind of social engineering to get the archive to the victim's computer, or it makes the person tell what he wants. So what I conclude from this is that it is almost impossible to hack into someone's computer if you don't get any "help" from the victim. Am I right?

The objective of this thread is to instigate discussion and reflection about how the entire hacking process works.
I hope to get some useful answers and interesting points of view.

I have Backtrack 5 RC3 installed encrypted persistent on a 32GB Micro USB. I have chosen to not use swap partitioning due to some advice from users here and from a friend who said it 'could' shorten the life of the USB device. I was wondering if it's possible to use the swap partition of the HDD in my laptop (running Fedora17) while it is running and whether or not I can have it search for the partition on boot in case I plug the USB into another machine that doesn't have a swap partition present?

Also could anyone tell me the command entry I would need to do to achieve this if it's possible.

This truck is not simply a drive train and a radio module. Great care was taken to fabricate every part to work like a full-sized vehicle. NSFW WARNING: The forum on which the details have been posted is Russian and may have sidebar ads you don’t want on your screen at work. That being said, here’s the [...]

Hello all. I am new to all things linux. I have been using Windows for a while and have grown completely bored. I am a High School senior with a big interest in computers. I never tried linux before, but heard good things about it. I am here because, I would like to know the general/important do's and dont's when it comes to switching to a linux OS. Also, You guys could give me some advice/suggestions for which things I need to know before making the switch. I am not new to the whole programming/hacking area, I just never had the means to invest until now. But I have no background knowledge of any linux systems or tools, so if anyone is willing to help, that would be greatly appreciated.

We’d like to dig around in [Small Scale Research's] parts bin. Apparently there’s good stuff in there because he managed to build this Nixie tube clock using mostly leftovers. The chip driving the device is an ATtiny1634. We weren’t familiar with it so here’s a datasheet (pdf) if you’re curious as well. The microcontroller communicates [...]

[Ben Krasnow] built his own version of the TSA’s body scanner. The device works by firing a beam of x-rays at a target. Some of the beam will go through the target, some will be absorbed by the target, and some will reflect back. These reflected x-rays are called ‘backscatter’, and they are captured to create an image. [...]

The last time you were in the emergency room after a horrible accident involving a PVC pressure vessel, a nurse probably clipped a device called a pulse oximeter onto one of your remaining fingers. These small electronic devices detect both your pulse and blood oxygen level with a pair of LEDs and a photosensor. [Anders] [...]

I've spent ages looking around for a USB dual band WiFi card to work with BT5 r3. I've searched the forums, spoken to Alfa etc but haven't got a definite answer.

Can anyone suggest a dual band (2.4 and 5 GHz) WiFi USB card? Having spent ages trawling Google and other forums etc., I would be seriously grateful. I'm not too fussed about having a big antenna etc., but anything will do so long as it can perform the usual tasks such as injection etc.

[Massimo], one of the creators of the Arduino, is a little perturbed over what passes for the truth over on Kickstarter. While [Massimo] does recognize that Kickstarter can be a force of good launching garage-designed projects into the hands of willing consumers, he noticed something was a little fishy with the recent smARtDUINO kickstarter (notice the [...]

Oh, we’ve been sitting on this one for a while. [Josef Prusa], brainchild behind what is probably the most popular 3D printer, has just unleashed a new hot end that is capable of printing objects in polycarbonate, PEEK, and nylon. This new hot end is completely made out of stainless steel – there are no plastic [...]

I am relatively new to Linux and have been trying to use Backtrack 5 (until a few days ago I used Ubuntu 12.10). BT5 doesn't detect my wireless card so I can't connect to any wireless networks. I am using a Broadcom Corporation BCM4313 802.11b/g/n Wireless LAN Controller (rev 01) wireless card, and I am using an Acer AspireOne netbook. I was wondering whether there is anything I can do, like download drivers/patches etc., to make my internal wireless card work, or whether I will have to buy an external USB WiFi adapter. Also, I am booting via USB.

Introduction:
=============
Spotify is a Swedish music streaming service offering digitally restricted
streaming of selected music from a range of major and independent record
labels, including Sony, EMI, Warner Music Group and Universal. Launched in
October 2008 by Swedish startup Spotify AB, the service had approximately
ten million users as of 15...

[Acorv] wrote in to tell us about his latest hack, a robotic arm that writes with a marker. In the video after the break, the arm is set to copy whatever someone writes in a touchpad. As you might guess from this video, the hack is written up in Spanish, but it’s nothing your favorite [...]

So I am attempting to redirect all traffic on my wireless network to my SET java applet attack site.

I first went into my set_config (/pentest/exploits/set/config) and set ETTERCAP=ON and ETTERCAP_INTERFACE=wlan0

I booted up SET and chose

1) Social-engineering Attacks

2) Website Attack Vectors

1) Java Applet Attack Method

1) Web Templates

It asks me if I am NAT/Port forwarding, I say: no

I place my subnet ip 192.168.0.8

3) Google

It tells me that ARP Cache Poisoning is set to ON and asks what site I want to redirect to me. I say: http://www.google.com

2) windows meterpreter reverse_tcp

16) Backdoor Executable

Port 443 (also tried 4444, should not matter I do not think)

And so it goes through its process until it boots up Metasploit and sets up the listener. At this point I can only get the Java cert to pop up if I go to "192.168.0.8" directly. Otherwise Google just takes me to the real Google. Also, instead of specifying Google, I have tried the "*" flag so that it redirects everything. When I do this no pages load except if I specifically dial in 192.168.0.8. So I'm not sure what is keeping this thing from redirecting.

My wireless card is Atheros AR2425, Driver ath5k

I have turned off Kaspersky and my firewall for this attack.

I am on Backtrack 5 r3 gnome. I did an apt-get update and apt-get dist-upgrade, plus msfupdate and svn updates for SET and ETTERCAP.

Does anyone know maybe a better way to do this? I simply want to use the SET Java applet attack and redirect everything on my subnet to my SET server IP at 192.168.0.8.

Thank you very much for your help, and I am hoping I am posting this correctly!

Hi, just wondering (noob here) how to open more shells/terminals in Backtrack 5 running on VMware Player. Is there a command? Like Ctrl+T
or something? In the videos I have watched the user seems to just click an icon in VMware Player, but I don't have that icon?
Thanks